Matrix/Riot
-
@girish Getting an error on verifying:
$ curl https://example.com/.well-known/matrix/server
curl: (6) Could not resolve host: example.com (I used my own domain)I chowned the matrix folder and server file to be owned by yellowtent. I had to use sudo to get the mkdir command to work.
I set permissions of 0600 on the server file.
There is no app at example.com.
Matrix is installed at matrix.example.com.
Do I need to manually add a DNS entry for example.com? -
@will You need to have an app installed at
example.com
. You can even set it to redirect to some other existing app i.e go to existing app -> Location -> Add redirection. -
Hey! Works very very well. Runs smooth and does its job. But no LDAP would be a great feature for future
-
@will you can just enable registration in homeserver.yaml and you're good to go
-
well you can enable it yes, but users who registered were not able to login (?). I guess this is because it only accepts login from LDAP?
-
worked fine before when I tested it, did you also set
password_config: enabled: true localdb_enabled: true
and maybe restarted matrix?
-
@girish added a redirect for matrix, and it works! Is this only needed if an app lives at rimmer.cloud or do I need it regardless?
-
@will Only requirement is that it should be used by some app on Cloudron. You don't need to redirect it to matrix specifically.
example.com
can either be any app or it can redirect to any app. (At a technical level, all this means is that the Cloudron's reverse proxy is prepared & ready to answer requests for that domain). -
@girish Will this requirement be patched in a future release?
-
@will there is no way around this requirement. the matrix protocol requires the apex domain to serve up those documents. is your concern that the domain
example.com
can be used to host a site somewhere else? If so, all you have to do is to move the.well-known
setup to that server/new location. -
@girish My concern is having anything at example.com
It would be cleaner to just have cloudron handle that for me. Small gripe, not a big deal at all. -
@will said in Matrix/Riot:
It would be cleaner to just have cloudron handle that for me. Small gripe, not a big deal at all.
Ah, Cloudron side limitation can definitely be fixed
I agree that having to ssh and put files manually in a cryptic location is kinda crude. This will be fixed soonish but we just wanted to get the apps out for testing sooner rather than later.
-
@girish Dont get me wrong, Im thankful! Its great. I'm just giving a little feedback on possible improvements. Sounds like you are on it already
-
@msbt said in Matrix/Riot:
I'm guessing it is because of new keys and everything, haven't tried to re-use any of the existing ones.
Might very well be, yes. I'm going to try and migrate the keys too. The migration is hard to dry run though
-
if you want to make sure this works, you could try with a test-instance, after that a clone and then the real thing
good luck either way!
-
I'm transitioning my external reverse-proxy-and-well-known solution to the Cloudron solution. Is there any way I can configure Riot to have
https://domain.tld
asbase_url
while still having the Synapse server athttps://matrix.domain.tld
? This way I would be able keep Riot user sessions across migration. -
@yusf That should not be a problem. Riot can be installed on the main domain as well. Just make sure the
.well-known
is setup on the server. -
@girish Sorry, I meant doing so while keeping Riot at a subdomain too. I guess not?
-
@yusf Yeah, I think not
-
FWIW, I just installed all of this and tested it. Works great, instructions are clear. The yaml edits referenced by @msbt were quite helpful on the external-registration side.
Look forward to the eventual Jitsi package.
-
@girish What if I edited the Cloudron reverse proxy settings directly?
-
@yusf reverse proxy configs will get overwritten during updates. I think https://cloudron.io/documentation/apps/#well-known-uris should help setup well knowns the way you want them, no?
-
@girish Well-known is in place for Synapse already, but it seems that well-known configurations aren't enough to enable entering
domain.tld
as homeserver in Riot sign-in when the server is atmatrix.domain.tld
.What seems to be needed is the ability to forward the whole
/_matrix
path atdomain.tld
to Synapse.In nginx terms I belive that would look something like this:
server { listen 443; server_name domain.tld; location /_matrix { proxy_pass https://matrix.domain.tld; } }
-
@girish I really hope this is possible add this in Wishlist for Matrix User and room manageable so spamming prevent and keep my chat server clean
-
@ApplegateR said in Matrix/Riot:
@girish I really hope this is possible add this in Wishlist for Matrix User and room manageable so spamming prevent and keep my chat server clean
What are you referring to ? Did you maybe reply in the wrong thread?
-
@girish have a admin access from web. So that way I can manage user or room.
-
@ApplegateR you can just grab the synapse admin package from here and put it inside a Surfer/LAMP app, it's just static files. You can login with your admin user and manage users and channels.
-
@ApplegateR I just tried what @msbt mentioned and it works great. One error I ran into was that after uploading the files to a root surfer app and trying to log in, it spit out a "session expired" error. It turned out the account I was using wasn't an admin. To make a user an admin, refer to the doc here.
Basically, in Cloudron --> app settings page --> web terminal, and enter this code.
PGPASSWORD=${CLOUDRON_POSTGRESQL_PASSWORD} psql -h ${CLOUDRON_POSTGRESQL_HOST} -p ${CLOUDRON_POSTGRESQL_PORT} -U ${CLOUDRON_POSTGRESQL_USERNAME} -d ${CLOUDRON_POSTGRESQL_DATABASE} -c "UPDATE users SET admin=1 WHERE name='@user:example.com'"
The only part you need to edit is the one at the end to match your desired Matrix user:
@user:example.com
Then, you can log in and manage the Matrix server.
-
@humptydumpty and @msbt thank you guy for Huge help and why this wasn't on docs if anyone really interesting to have one for matrix management
-
@ApplegateR confirm it is work and thank you and I will just use surfer it better than nothing! much appericate of creator done this